This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft File: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft (raw, json) Hash identifier: RUlgdD7tSaYZah3vxIR9Ql4esIP20MJJYOrYlquByWY= Subject key identifier: E8:9E:13:DA:E0:24:66:11:71:65:1D:4C:7F:EB:BD:02:AB:BA:3C:CD Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1 Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1 Certificate serial: 019AF9F9146779FA838D02525CE411AEDD9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft Manifest number: 0E58 Signing time: Sun 07 Dec 2025 18:00:41 +0000 Manifest this update: Sun 07 Dec 2025 18:00:41 +0000 Manifest next update: Mon 08 Dec 2025 18:00:41 +0000 Files and hashes: 1: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl (hash: bluwsLopxmvKOMIGLVkPsKZZ1eFVkzYjHtIslbuEiY0=) 2: wUSVu8lDNfoUWdaRO2jsDgRSmsg.roa (hash: A2CVwSparFGjp8/uMP7BcSnzpGUx0FpocYCZqqW30C8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f9:f9:14:67:79:fa:83:8d:02:52:5c:e4:11:ae:dd:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1 Validity Not Before: Dec 7 18:00:41 2025 GMT Not After : Dec 8 18:00:41 2025 GMT Subject: CN=e89e13dae024661171651d4c7febbd02abba3ccd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:94:0e:b3:5b:1d:3c:69:f5:2d:c0:46:f3:38: 35:70:c8:62:d2:4b:59:af:ec:60:9a:52:16:f1:0b: 71:79:c6:2a:56:b9:8d:20:94:87:47:a9:8f:8c:a8: ff:f1:46:6f:3d:43:5b:5f:c1:6e:a7:3a:8b:58:5d: af:18:31:a1:e8:38:b3:44:e8:5d:60:08:97:61:35: 0d:48:c7:ab:41:98:83:18:74:cd:c6:c0:6b:f6:60: 4e:b8:ff:79:aa:fe:87:75:03:7f:61:b6:12:73:74: bd:30:38:ae:c5:cc:f5:f5:2b:54:ec:93:89:22:14: 55:c4:16:8a:cb:bb:d5:b6:67:a1:44:36:2a:57:69: 15:ca:e5:3f:d2:35:db:b3:51:a9:1e:e7:ec:c9:a4: 0e:6e:49:4f:3c:9c:90:f6:03:83:1d:91:1a:1a:d9: 95:dc:9a:82:a6:b9:a8:e1:92:87:86:c6:77:01:2a: 44:00:ec:2a:49:b0:8f:82:80:b1:e8:ab:11:09:c3: b2:df:8f:18:9e:69:4f:c8:b0:fd:5c:0d:14:6c:1e: b8:36:e7:f9:6e:57:17:cc:04:c9:7e:8c:a0:c3:eb: ae:8b:bd:23:94:5b:55:3e:26:f5:2f:4e:e2:10:f9: 0e:9a:be:8a:e4:da:cd:66:f7:af:30:2c:08:07:38: 89:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:9E:13:DA:E0:24:66:11:71:65:1D:4C:7F:EB:BD:02:AB:BA:3C:CD X509v3 Authority Key Identifier: keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:c0:2a:c2:97:84:6a:c8:c1:6d:21:c3:69:1b:1e:46:75:9f: dc:1d:cd:1c:b9:9f:88:ec:6f:39:b9:dd:42:d8:27:9b:13:1e: 51:f6:c0:7f:20:08:e7:93:3d:a1:11:e0:8f:ba:7b:46:71:77: c8:05:e8:f3:8a:9b:7d:18:f6:1b:7b:48:f0:5b:a9:d6:36:93: fc:83:fd:a4:4b:d5:2e:3e:9c:fc:fc:10:e1:24:cd:f4:31:2b: f3:4d:5c:bc:e6:67:74:23:c2:a5:86:d4:54:4d:28:27:03:24: 8d:3f:4d:76:75:b7:73:16:15:9b:3b:10:38:40:bf:08:21:14: a2:47:17:f4:2a:b2:60:75:b8:83:b2:c9:5e:3f:04:77:55:7d: 8d:a4:91:b9:c6:34:3b:20:03:8e:ca:6e:ac:85:cb:84:1a:b3: 64:6c:bc:79:c4:f1:f6:e0:77:89:c5:31:7b:70:58:1d:c1:0d: d2:dc:d6:c9:b2:65:ba:22:cf:97:83:93:a2:ea:16:2f:f6:d8: 3c:00:1e:d5:cb:56:7c:fa:d0:0d:57:6e:e3:cb:0b:d6:3c:5b: 7c:9c:e6:bc:f9:c8:00:fb:9b:c3:08:39:26:b0:44:2b:28:96: 94:e6:b1:4d:ce:09:0c:3d:77:a2:f6:fb:4f:0d:7e:8d:70:1f: d9:77:96:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr5+RRnefqDjQJSXOQRrt2aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl OTExYzEwHhcNMjUxMjA3MTgwMDQxWhcNMjUxMjA4MTgwMDQxWjAzMTEwLwYDVQQD EyhlODllMTNkYWUwMjQ2NjExNzE2NTFkNGM3ZmViYmQwMmFiYmEzY2NkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJQOs1sdPGn1LcBG8zg1cMhi0ktZ r+xgmlIW8QtxecYqVrmNIJSHR6mPjKj/8UZvPUNbX8FupzqLWF2vGDGh6DizROhd YAiXYTUNSMerQZiDGHTNxsBr9mBOuP95qv6HdQN/YbYSc3S9MDiuxcz19StU7JOJ IhRVxBaKy7vVtmehRDYqV2kVyuU/0jXbs1GpHufsyaQObklPPJyQ9gODHZEaGtmV 3JqCprmo4ZKHhsZ3ASpEAOwqSbCPgoCx6KsRCcOy348YnmlPyLD9XA0UbB64Nuf5 blcXzATJfoygw+uui70jlFtVPib1L07iEPkOmr6K5NrNZvevMCwIBziJewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOieE9rgJGYRcWUdTH/rvQKrujzNMB8GA1UdIwQY MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt M2EwZmFhMjhiNWFjLzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMAqwpeE asjBbSHDaRseRnWf3B3NHLmfiOxvObndQtgnmxMeUfbAfyAI55M9oRHgj7p7RnF3 yAXo84qbfRj2G3tI8Fup1jaT/IP9pEvVLj6c/PwQ4STN9DEr801cvOZndCPCpYbU VE0oJwMkjT9NdnW3cxYVmzsQOEC/CCEUokcX9CqyYHW4g7LJXj8Ed1V9jaSRucY0 OyADjspurIXLhBqzZGy8ecTx9uB3icUxe3BYHcEN0tzWybJluiLPl4OTouoWL/bY PAAe1ctWfPrQDVdu48sL1jxbfJzmvPnIAPubwwg5JrBEKyiWlOaxTc4JDD13ovb7 Tw1+jXAf2XeWow== -----END CERTIFICATE-----Generated at Sun Dec 7 19:51:14 2025 by rpki-client